Ox App Suite Security Vulnerabilities and Issues — Ox App Suite CVE List

Lucene search

Open-xchangeOx App Suite

4 matches found

CVE•added 2022/07/27 2:15 p.m.•726 views

CVE-2022-24405

OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API.

9.8CVSS9.4AI score0.08004EPSS

CVE•added 2022/07/27 2:15 p.m.•674 views

CVE-2022-24406

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls.

6.5CVSS6.6AI score0.00252EPSS

CVE•added 2022/07/27 2:15 p.m.•56 views

CVE-2022-23100

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter (e.g., through an email attachment).

9.8CVSS9.6AI score0.02534EPSS

CVE•added 2022/07/27 2:15 p.m.•44 views

CVE-2022-23101

OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message.

6.1CVSS5.9AI score0.00493EPSS